phaser Posted February 12, 2008 Share Posted February 12, 2008 hee can some one test my sites ? urls: - www.chocoshop.nl - www.bonnenwereld.nl - www.verjaardagscheque.nl - www.hotchocs.nl - www.chococard.nl - www.vrijetijdcheque.nl - www.verjaardagscadeau.com Link to comment Share on other sites More sharing options...
Coreye Posted February 12, 2008 Share Posted February 12, 2008 I tested www.verjaardagscadeau.com. Cross Site Scripting: There is Cross Site Scripting when you register if the fields contains ">code. Full Path Disclosure: http://verjaardagscadeau.com/sites/default/pages/cadeau_bestellen.php Fatal error: Call to undefined function: get_singles() in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/cadeau_bestellen.php on line 14 Full Path Disclosure: http://verjaardagscadeau.com/sites/default/pages/checkout.php Fatal error: Call to undefined function: are_there_any_singles() in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/checkout.php on line 4 Full Path Disclosure: http://verjaardagscadeau.com/sites/default/pages/faq.php Fatal error: Call to undefined function: show_faq_list() in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/faq.php on line 6 Full Path Disclosure: http://verjaardagscadeau.com/sites/default/pages/kiescadeau.php Warning: main(../includes/connection.php) [function.main]: failed to open stream: No such file or directory in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/kiescadeau.php on line 2 Warning: main() [function.include]: Failed opening '../includes/connection.php' for inclusion (include_path='.:/usr/local/share/pear') in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/kiescadeau.php on line 2 Warning: main(../includes/verify.php) [function.main]: failed to open stream: No such file or directory in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/kiescadeau.php on line 3 Warning: main() [function.include]: Failed opening '../includes/verify.php' for inclusion (include_path='.:/usr/local/share/pear') in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/kiescadeau.php on line 3 Warning: main(../includes/functions.php) [function.main]: failed to open stream: No such file or directory in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/kiescadeau.php on line 4 Warning: main() [function.include]: Failed opening '../includes/functions.php' for inclusion (include_path='.:/usr/local/share/pear') in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/kiescadeau.php on line 4 Full Path Disclosure: http://verjaardagscadeau.com/sites/default/pages/mijn_bestellingen.php Warning: main(../../core/status.php) [function.main]: failed to open stream: No such file or directory in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/mijn_bestellingen.php on line 18 Warning: main() [function.include]: Failed opening '../../core/status.php' for inclusion (include_path='.:/usr/local/share/pear') in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/mijn_bestellingen.php on line 18 Full Path Disclosure: http://verjaardagscadeau.com/sites/default/pages/mijn_gegevens.php Fatal error: Call to undefined function: get_user_data() in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/mijn_gegevens.php on line 63 Full Path Disclosure: http://verjaardagscadeau.com/sites/default/pages/vj_cld.php Warning: mysql_query() [function.mysql-query]: Access denied for user 'root'@'localhost' (using password: NO) in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_cld.php on line 33 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_cld.php on line 33 Fatal error: Call to undefined function: show_calendar() in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_cld.php on line 38 Full Path Disclosure: http://verjaardagscadeau.com/sites/default/pages/vj_invoeren_stap1.php Warning: mysql_query() [function.mysql-query]: Access denied for user 'root'@'localhost' (using password: NO) in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_invoeren_stap1.php on line 11 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_invoeren_stap1.php on line 11 Fatal error: Call to undefined function: show_calendar() in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_invoeren_stap1.php on line 16 Full Path Disclosure: http://verjaardagscadeau.com/sites/default/pages/vj_invoeren_stap2.php Fatal error: Call to undefined function: give_tmpid() in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_invoeren_stap2.php on line 4 Full Path Disclosure: http://verjaardagscadeau.com/sites/default/pages/vj_list.php Warning: mysql_query() [function.mysql-query]: Access denied for user 'root'@'localhost' (using password: NO) in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_list.php on line 74 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_list.php on line 74 Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_list.php on line 75 Full Path Disclosure: http://verjaardagscadeau.com/sites/default/pages/vj_viewcld.php Warning: mysql_query() [function.mysql-query]: Access denied for user 'root'@'localhost' (using password: NO) in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_viewcld.php on line 14 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_viewcld.php on line 14 Fatal error: Call to undefined function: show_calendar() in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_viewcld.php on line 19 Full Path Disclosure: http://verjaardagscadeau.com/sites/default/pages/vj_viewlist.php Warning: mysql_query() [function.mysql-query]: Access denied for user 'root'@'localhost' (using password: NO) in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_viewlist.php on line 74 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_viewlist.php on line 74 Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /usr/local/sites/verjaardagscadeau.com/data/sites/default/pages/vj_viewlist.php on line 75 Link to comment Share on other sites More sharing options...
GameYin Posted February 12, 2008 Share Posted February 12, 2008 *Whistles* A lot of errors. Link to comment Share on other sites More sharing options...
Recommended Posts